Date: Thu, 30 Nov 2000 23:16:23 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: audit@FreeBSD.org Cc: security-officer@FreeBSD.org Subject: Solicitation for auditing process announcement Message-ID: <Pine.NEB.3.96L.1001130231140.6860A-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
John Baldwin made the recommendation that we should be more generally announcing and recommending the use of audit@ as a source of reviews. As such, I'd like for us to send out a two-fold announcement, first indicating that audit@ is willing to do review-on-demand and should be used, especially for security-oriented commits (changes to kernel security code, daemons running with privilege, and setugid binaries). Also, to appeal for those willing to help do code reviews for security purposes. I'll probably draft something up tomorrow, but wanted to solicit comments on the best way to phrase it, what ideas I should be presenting, and so on. I'd really like to pursuade our less security-sensitive committers that there is a reviewing resource available that can help improve their code, and pursuade those willing to do reviews that this can be a forum for doing so. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1001130231140.6860A-100000>